Cryptology ePrint Archive: Report 2010/452

Abstract: This paper presents a new and complete cryptographic e-voting system, called Direct Recording Electronic with Integrity (DRE-i). The DRE is a widely deployed voting system that commonly uses touch-screen technology to directly record votes. However, a lack of tallying integrity has been considered the most contentious problem with the DRE system. In this work, we take a broad interpretation of the DRE: which includes not only touch-screen machines, as deployed at polling stations, but also remote voting systems conducted over the Internet or mobile phones. In all cases, the system records votes directly. The DRE-i protocol is generic for both on-site and remote voting; it provides a drop-in mathematical solution to ensure tallying integrity even if the DRE machine is completely corrupted. Besides the tallying integrity, we also describe procedural means to protect voter's privacy in a complete system. As compared with the currently well-known Helios e-voting system, our work represents a significant improvement in two main aspects. First, it permits a thin client: a web-based implementation of DRE-i does not require any Java plug-in to be installed or Javascript to be enabled. Second, it is self-tallying: as we adopt a novel technique to encrypt votes, anyone can tally votes by simply multiplying ciphertexts without needing any private keys or tallying authority involvement.